[edk2-devel] [PATCH v2 5/6] CryptoPkg: Upgrade OpenSSL to 1.1.1b
Laszlo Ersek
lersek at redhat.com
Thu May 9 17:15:30 UTC 2019
(please read my email until my signature)
On 05/09/19 07:23, Xiaoyu lu wrote:
> From: Xiaoyu Lu <xiaoyux.lu at intel.com>
>
> REF: https://bugzilla.tianocore.org/show_bug.cgi?id=1089
>
> Update OpenSSL submodule to OpenSSL_1_1_1b
> OpenSSL_1_1_1b(50eaac9f3337667259de725451f201e784599687)
>
> Run process_files.pl script to regenerate OpensslLib[Crypto].inf
> and opensslconf.h
>
> Remove NO_SYSLOG from OpensslLib[Crypto].inf
> When OPENSSL_SYS_UEFI is defined, NO_SYSLOG not be defined
> in OpenSSL_1_1_0j(74f2d9c1ec5f), but in
> OpenSSL_1_1_1b(50eaac9f333), NO_SYSLOG will
> be defined(e_os.h line 47).
This is still not a *commit reference* that I asked for, in
<https://edk2.groups.io/g/devel/message/39795>, bullet (1).
At this point, I'm no longer requesting an update to this part of the
commit message. However, I will explain what you should have done,
because I would like you to learn using "git blame".
(i) Run the following command:
$ git blame OpenSSL_1_1_1b -- e_os.h
This will produce a listing that specifies the origin of each line
in "e_os.h", at OpenSSL_1_1_1b.
In other words, for each line of the file, being investigated at tag
OpenSSL_1_1_1b, the command will tell you what the most recent
commit was (not later than OpenSSL_1_1_1b), that modified that line.
In this listing, scroll to line 47. This is what we get:
45 cff55b90e95e1 (Qin Long 2017-03-15 23:33:57 +0800 45) # if defined(OPENSSL_SYS_VXWORKS) || defined(OPENSSL_SYS_UEFI)
46 3e83e686ba2e2 (Richard Levitte 2002-02-14 15:37:38 +0000 46) # define NO_CHMOD
47 3e83e686ba2e2 (Richard Levitte 2002-02-14 15:37:38 +0000 47) # define NO_SYSLOG
48 0f113f3ee4d62 (Matt Caswell 2015-01-22 03:40:55 +0000 48) # endif
You can see that NO_SYSLOG itself (line 47) comes from commit
3e83e686ba2e2. But, that commit was authored on 2002-02-14, so it's
likely not what we are after (it's too old). So let's look at the
context instead.
Line 45 looks relevant. Maybe NO_SYSLOG had already been there, and
Qin Long just modified the condition? The authorship date
(2017-03-15) also looks promising. So let's check commit
cff55b90e95e1:
(ii) Run the following command:
$ git show cff55b90e95e1
It prints:
| commit cff55b90e95e1fa6c90154f93f12363e761d88c7
| Author: Qin Long <qin.long at intel.com>
| Date: Wed Mar 15 23:33:57 2017 +0800
|
| Cleaning UEFI Build with additional OPENSSL_SYS_UEFI flags
|
| Add OPENSSL_SYS_UEFI to remove unused syslog and uid stuffs for
| more clean UEFI build.
|
| Reviewed-by: Rich Salz <rsalz at openssl.org>
| Reviewed-by: Richard Levitte <levitte at openssl.org>
| (Merged from https://github.com/openssl/openssl/pull/2961)
|
| diff --git a/e_os.h b/e_os.h
| index f255aa9c2228..241e0bac5451 100644
| --- a/e_os.h
| +++ b/e_os.h
| @@ -87,7 +87,7 @@ extern "C" {
| # define DEVRANDOM_EGD "/var/run/egd-pool","/dev/egd-pool","/etc/egd-pool","/etc/entropy"
| # endif
|
| -# if defined(OPENSSL_SYS_VXWORKS)
| +# if defined(OPENSSL_SYS_VXWORKS) || defined(OPENSSL_SYS_UEFI)
| # define NO_SYS_PARAM_H
| # define NO_CHMOD
| # define NO_SYSLOG
| [...]
Yes, this is exactly the change we're looking for.
(iii) Let's double check that this commit appeared after OpenSSL_1_1_0j.
Run the following command:
$ git tag --contains cff55b90e95e1
It prints the following list of tags:
OpenSSL_1_1_1
OpenSSL_1_1_1-pre1
OpenSSL_1_1_1-pre2
OpenSSL_1_1_1-pre3
OpenSSL_1_1_1-pre4
OpenSSL_1_1_1-pre5
OpenSSL_1_1_1-pre6
OpenSSL_1_1_1-pre7
OpenSSL_1_1_1-pre8
OpenSSL_1_1_1-pre9
OpenSSL_1_1_1a
OpenSSL_1_1_1b
We can see that tag "OpenSSL_1_1_0j" is *not* in the list. And,
knowing the structure of the OpenSSL tag names, we can also
determine the commit was first included in OpenSSL_1_1_1.
This result is good -- it confirms that the NO_SYSLOG flag should
be removed from edk2 *right now*, when we are skipping over
OpenSSL_1_1_1.
(iv) As a result of the above investigation, the commit message is
supposed to say,
Remove -DNO_SYSLOG from OPENSSL_FLAGS in the INF file, due to
upstream OpenSSL commit cff55b90e95e ("Cleaning UEFI Build with
additional OPENSSL_SYS_UEFI flags", 2017-03-29), which was first
released as part of OpenSSL_1_1_1."
This is it -- one sentence, and it lets reviewers verify the change
very quickly.
Anyway: I'm no longer requesting that you update the commit message in
this paragraph. I just wanted to explain how "git blame" should be used.
> Add compiler_flags to buildinf.h file.
Same story as above: in <https://edk2.groups.io/g/devel/message/39795>,
bullet (4), I asked for a commit reference.
Let me spell out the steps again, in the OpenSSL tree:
$ git checkout OpenSSL_1_1_1b
$ git grep compiler_flags
This gives us "util/mkbuildinf.pl". Let's investigate the origin of the
lines in that file:
$ git blame -- util/mkbuildinf.pl
This gives us:
34 8a8d9e190533e (Rich Salz 2017-11-27 14:28:15 -0500 34) * Generate compiler_flags as an array of individual characters. This is a
35 f4a748a17d6a3 (Richard Levitte 2016-02-10 19:11:40 +0100 35) * workaround for the situation where CFLAGS gets too long for a C90 string
36 f4a748a17d6a3 (Richard Levitte 2016-02-10 19:11:40 +0100 36) * literal
37 f4a748a17d6a3 (Richard Levitte 2016-02-10 19:11:40 +0100 37) */
38 8a8d9e190533e (Rich Salz 2017-11-27 14:28:15 -0500 38) static const char compiler_flags[] = {
Okay, so let's check commit 8a8d9e190533e:
$ git show 8a8d9e190533e
$ git tag --contains 8a8d9e190533e
Yes, that's the right commit.
So, in the edk2 commit message, we should say:
Starting with OpenSSL commit 8a8d9e190533e (first released in
OpenSSL_1_1_1), the OpenSSL_version() function can no longer return a
pointer to the string literal "compiler: information not available",
in case the CFLAGS macro is not defined. Instead, the function now has
a hard dependency on the global variable 'compiler_flags'. This global
variable is normally placed by "util/mkbuildinf.pl" into "buildinf.h".
In edk2, we don't run that script whenever we build OpenSSL, therefore
we must provide our own dummy 'compiler_flags'.
But, I rest my case. :(
> From OpenSSL_1_1_0i(97c0959f27b294fe1eb10b547145ebef2524b896) to
> OpenSSL_1_1_1b(50eaac9f3337667259de725451f201e784599687), OpenSSL
> updated DRBG / RAND to request nonce and additional low entropy
> randomness from system(line 229 openssl/CHANGES).
> git diff OpenSSL_1_1_0i OpenSSL_1_1_1b crypto/include/internal/rand_int.h
> git diff OpenSSL_1_1_0i OpenSSL_1_1_1b crypto/rand/rand_unix.c
> But it is not implement for UEFI.
> Since OpenSSL_1_1_1b doesn't fully implement it. So add a new
> file(rand_pool.c) and implement it base on TimerLib.
> * rand_pool_acquire_entropy
> * rand_pool_add_nonce_data
> * rand_pool_add_additional_data
> * rand_pool_init
> * rand_pool_cleanup
> * rand_pool_keep_random_devices_open
I'm sorry but I still disagree with this implementation.
I understand that CHANGES says "low entropy":
229 *) Updated DRBG / RAND to request nonce and additional low entropy
230 randomness from the system.
231 [Matthias St. Pierre]
But what does "low entropy" mean?
How do we know that GetPerformanceCounter() provides enough randomness?
(TimerLib is usually based on a chipset timer, and not on measuring
timings of peripherals, such as spindle disk head movement, keyboard and
mouse delays, and so on.)
In "crypto/include/internal/rand_int.h", there is a comment,
> /* |entropy_factor| expresses how many bits of data contain 1 bit of entropy */
> size_t rand_pool_bytes_needed(RAND_POOL *pool, unsigned int entropy_factor);
and we pass "1" for "entropy_factor".
How do we know that an "entropy factor" of constant 1 is correct, when:
- the randomness ultimately comes from GetPerformanceCounter() +
MicroSecondDelay(10),
- and TimerLib is platform specific?
Honestly, I have even *less* confidence in this version than in the
previous version. This code is more *obscure*, because it uses a
non-constant data source, and it uses AES-CBC-MAC for mixing it, but how
do we know it is secure enough?
I'm not a crypto expert, so I could easily be wrong about this, but just
because I cannot strongly imply that this code is wrong (like I could
imply for v1), that doesn't make it good.
How about the following:
- It seems like we cannot convince OpenSSL to *never* call these
functions, under UEFI.
- We also cannot provide an implementation that is *guaranteed* to be
secure enough, IMO.
- It seems like these functions *should* never be called in the edk2
build however, given that we're not trying to do anything "new" with
OpenSSL in edk2 -- we just want to use the new OpenSSL release for the
same old things.
- So why not just ensure that these functions *never return*?
(1) Basically implement all of the functions like this:
ASSERT (FALSE);
CpuDeadLoop ();
//
// if a return value is needed
//
return 0;
What do you think about this approach?
Continuing:
On 05/09/19 07:23, Xiaoyu lu wrote:
> We don't need ossl_store functions. So dummy implement them.
> add a new file(ossl_store.c) to implement ossl_store_cleanup_int function.
(2) If you configure OpenSSL with "no-store" -- as I suggest under v2
2/6, bullet (1) --, is the ossl_store_cleanup_int() function still
needed?
If not, then we can drop the file "ossl_store.c".
> BUFSIZ is used by crypto/evp/evp_key.c(OpenSSL_1_1_1b)
> And it is declared in stdio.h. So add it to CrtLibSupport.h.
The source file "crypto/evp/evp_key.c" has been referring to BUFSIZ
since ancient commit a63d5eaab28a (authored on 2001-05-06). In other
words, the BUFSIZ dependency is not new. What must have changed is the
definition of BUFSIZ.
In my previous review (link above), in bullet (7), I asked that you
please track down the change.
But, I guess I can try that myself. :(
$ git diff OpenSSL_1_1_0j..OpenSSL_1_1_1b -- crypto/evp/evp_key.c
Bingo; in OpenSSL_1_1_1b, the following preprocessor directives were
*removed* from around the BUFSIZ references (and more):
| -#ifndef OPENSSL_NO_UI
| -#endif /* OPENSSL_NO_UI */
When we're tracking down the removal of some lines, we can't use "git
blame", because the lines no longer exist, for "git blame" to analyze.
Therefore, we have to use:
$ git log --reverse --patch -G'OPENSSL_NO_UI' \
OpenSSL_1_1_0j..OpenSSL_1_1_1b -- crypto/evp/evp_key.c
And we immediately get:
| commit 48feaceb53fa6ae924e298b8eba0e247019313e4
| Author: Richard Levitte <levitte at openssl.org>
| Date: Sat Jul 1 12:14:37 2017 +0200
|
| Remove the possibility to disable the UI module entirely
|
| Instead, make it possible to disable the console reader that's part of
| the UI module. This makes it possible to use the UI API and other UI
| methods in environments where the console reader isn't useful.
|
| To disable the console reader, configure with 'no-ui-console' /
| 'disable-ui-console'.
|
| 'no-ui' / 'disable-ui' is now an alias for 'no-ui-console' /
| 'disable-ui-console'.
|
| Fixes #3806
|
| Reviewed-by: Rich Salz <rsalz at openssl.org>
| (Merged from https://github.com/openssl/openssl/pull/3820)
The commit message states that "no-ui" is *supposed* to automatically
disable the "console reader", by virtue of being an alias for
"no-ui-console".
However, we already have "no-ui" in our Configure invocation, and the
code still fails to compile. Therefore, this is an OpenSSL bug.
I have now filed the following upstream OpenSSL ticket:
https://github.com/openssl/openssl/issues/8904
(3) In "CryptoPkg/Library/Include/CrtLibSupport.h", please replace the
current comment ("BUFSIZ used in evp_key.c ..."), with a reference to
the above upstream OpenSSL ticket.
Please also reference this ticket in the commit message, where you
mention BUFSIZ.
> Cc: Jian J Wang <jian.j.wang at intel.com>
> Cc: Ting Ye <ting.ye at intel.com>
> Signed-off-by: Xiaoyu Lu <xiaoyux.lu at intel.com>
> ---
> CryptoPkg/Library/Include/CrtLibSupport.h | 8 +
> CryptoPkg/Library/Include/openssl/opensslconf.h | 54 ++--
> CryptoPkg/Library/OpensslLib/OpensslLib.inf | 44 +++-
> CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf | 35 ++-
> CryptoPkg/Library/OpensslLib/buildinf.h | 2 +
> CryptoPkg/Library/OpensslLib/openssl | 2 +-
> CryptoPkg/Library/OpensslLib/ossl_store.c | 17 ++
> CryptoPkg/Library/OpensslLib/rand_pool.c | 292 ++++++++++++++++++++++
> 8 files changed, 425 insertions(+), 29 deletions(-)
> create mode 100644 CryptoPkg/Library/OpensslLib/ossl_store.c
> create mode 100644 CryptoPkg/Library/OpensslLib/rand_pool.c
>
> diff --git a/CryptoPkg/Library/Include/CrtLibSupport.h b/CryptoPkg/Library/Include/CrtLibSupport.h
> index b05c5d9..193f8de 100644
> --- a/CryptoPkg/Library/Include/CrtLibSupport.h
> +++ b/CryptoPkg/Library/Include/CrtLibSupport.h
> @@ -21,6 +21,14 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
> #define MAX_STRING_SIZE 0x1000
>
> //
> +// BUFSIZ used in evp_key.c
> +// This is defined in CRT library(stdio.h).
> +//
> +#ifndef BUFSIZ
> +#define BUFSIZ 8192
> +#endif
> +
> +//
> // OpenSSL relies on explicit configuration for word size in crypto/bn,
> // but we want it to be automatically inferred from the target. So we
> // bypass what's in <openssl/opensslconf.h> for OPENSSL_SYS_UEFI, and
> diff --git a/CryptoPkg/Library/Include/openssl/opensslconf.h b/CryptoPkg/Library/Include/openssl/opensslconf.h
> index 28dd9ab..07fa2d3 100644
> --- a/CryptoPkg/Library/Include/openssl/opensslconf.h
> +++ b/CryptoPkg/Library/Include/openssl/opensslconf.h
> @@ -10,6 +10,8 @@
> * https://www.openssl.org/source/license.html
> */
>
> +#include <openssl/opensslv.h>
> +
> #ifdef __cplusplus
> extern "C" {
> #endif
> @@ -77,18 +79,21 @@ extern "C" {
> #ifndef OPENSSL_NO_SEED
> # define OPENSSL_NO_SEED
> #endif
> +#ifndef OPENSSL_NO_SM2
> +# define OPENSSL_NO_SM2
> +#endif
> #ifndef OPENSSL_NO_SRP
> # define OPENSSL_NO_SRP
> #endif
> #ifndef OPENSSL_NO_TS
> # define OPENSSL_NO_TS
> #endif
> -#ifndef OPENSSL_NO_UI
> -# define OPENSSL_NO_UI
> -#endif
> #ifndef OPENSSL_NO_WHIRLPOOL
> # define OPENSSL_NO_WHIRLPOOL
> #endif
> +#ifndef OPENSSL_RAND_SEED_NONE
> +# define OPENSSL_RAND_SEED_NONE
> +#endif
> #ifndef OPENSSL_NO_AFALGENG
> # define OPENSSL_NO_AFALGENG
> #endif
> @@ -122,6 +127,9 @@ extern "C" {
> #ifndef OPENSSL_NO_DEPRECATED
> # define OPENSSL_NO_DEPRECATED
> #endif
> +#ifndef OPENSSL_NO_DEVCRYPTOENG
> +# define OPENSSL_NO_DEVCRYPTOENG
> +#endif
> #ifndef OPENSSL_NO_DGRAM
> # define OPENSSL_NO_DGRAM
> #endif
> @@ -155,6 +163,9 @@ extern "C" {
> #ifndef OPENSSL_NO_ERR
> # define OPENSSL_NO_ERR
> #endif
> +#ifndef OPENSSL_NO_EXTERNAL_TESTS
> +# define OPENSSL_NO_EXTERNAL_TESTS
> +#endif
> #ifndef OPENSSL_NO_FILENAMES
> # define OPENSSL_NO_FILENAMES
> #endif
> @@ -209,15 +220,24 @@ extern "C" {
> #ifndef OPENSSL_NO_TESTS
> # define OPENSSL_NO_TESTS
> #endif
> +#ifndef OPENSSL_NO_TLS1_3
> +# define OPENSSL_NO_TLS1_3
> +#endif
> #ifndef OPENSSL_NO_UBSAN
> # define OPENSSL_NO_UBSAN
> #endif
> +#ifndef OPENSSL_NO_UI_CONSOLE
> +# define OPENSSL_NO_UI_CONSOLE
> +#endif
> #ifndef OPENSSL_NO_UNIT_TEST
> # define OPENSSL_NO_UNIT_TEST
> #endif
> #ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
> # define OPENSSL_NO_WEAK_SSL_CIPHERS
> #endif
> +#ifndef OPENSSL_NO_DYNAMIC_ENGINE
> +# define OPENSSL_NO_DYNAMIC_ENGINE
> +#endif
> #ifndef OPENSSL_NO_AFALGENG
> # define OPENSSL_NO_AFALGENG
> #endif
> @@ -236,15 +256,11 @@ extern "C" {
> * functions.
> */
> #ifndef DECLARE_DEPRECATED
> -# if defined(OPENSSL_NO_DEPRECATED)
> -# define DECLARE_DEPRECATED(f)
> -# else
> -# define DECLARE_DEPRECATED(f) f;
> -# ifdef __GNUC__
> -# if __GNUC__ > 3 || (__GNUC__ == 3 && __GNUC_MINOR__ > 0)
> -# undef DECLARE_DEPRECATED
> -# define DECLARE_DEPRECATED(f) f __attribute__ ((deprecated));
> -# endif
> +# define DECLARE_DEPRECATED(f) f;
> +# ifdef __GNUC__
> +# if __GNUC__ > 3 || (__GNUC__ == 3 && __GNUC_MINOR__ > 0)
> +# undef DECLARE_DEPRECATED
> +# define DECLARE_DEPRECATED(f) f __attribute__ ((deprecated));
> # endif
> # endif
> #endif
> @@ -268,6 +284,18 @@ extern "C" {
> # define OPENSSL_API_COMPAT OPENSSL_MIN_API
> #endif
>
> +/*
> + * Do not deprecate things to be deprecated in version 1.2.0 before the
> + * OpenSSL version number matches.
> + */
> +#if OPENSSL_VERSION_NUMBER < 0x10200000L
> +# define DEPRECATEDIN_1_2_0(f) f;
> +#elif OPENSSL_API_COMPAT < 0x10200000L
> +# define DEPRECATEDIN_1_2_0(f) DECLARE_DEPRECATED(f)
> +#else
> +# define DEPRECATEDIN_1_2_0(f)
> +#endif
> +
> #if OPENSSL_API_COMPAT < 0x10100000L
> # define DEPRECATEDIN_1_1_0(f) DECLARE_DEPRECATED(f)
> #else
> @@ -286,8 +314,6 @@ extern "C" {
> # define DEPRECATEDIN_0_9_8(f)
> #endif
>
> -
> -
> /* Generate 80386 code? */
> #undef I386_ONLY
>
> diff --git a/CryptoPkg/Library/OpensslLib/OpensslLib.inf b/CryptoPkg/Library/OpensslLib/OpensslLib.inf
> index f4d7772..5e6b99e 100644
> --- a/CryptoPkg/Library/OpensslLib/OpensslLib.inf
> +++ b/CryptoPkg/Library/OpensslLib/OpensslLib.inf
> @@ -15,13 +15,15 @@
> VERSION_STRING = 1.0
> LIBRARY_CLASS = OpensslLib
> DEFINE OPENSSL_PATH = openssl
> - DEFINE OPENSSL_FLAGS = -DL_ENDIAN -DOPENSSL_SMALL_FOOTPRINT -D_CRT_SECURE_NO_DEPRECATE -D_CRT_NONSTDC_NO_DEPRECATE -DNO_SYSLOG
> + DEFINE OPENSSL_FLAGS = -DL_ENDIAN -DOPENSSL_SMALL_FOOTPRINT -D_CRT_SECURE_NO_DEPRECATE -D_CRT_NONSTDC_NO_DEPRECATE
>
> #
> # VALID_ARCHITECTURES = IA32 X64 ARM AARCH64
> #
>
> [Sources]
> + ossl_store.c
> + rand_pool.c
> $(OPENSSL_PATH)/e_os.h
> # Autogenerated files list starts here
> $(OPENSSL_PATH)/crypto/aes/aes_cbc.c
> @@ -32,6 +34,7 @@
> $(OPENSSL_PATH)/crypto/aes/aes_misc.c
> $(OPENSSL_PATH)/crypto/aes/aes_ofb.c
> $(OPENSSL_PATH)/crypto/aes/aes_wrap.c
> + $(OPENSSL_PATH)/crypto/aria/aria.c
> $(OPENSSL_PATH)/crypto/asn1/a_bitstr.c
> $(OPENSSL_PATH)/crypto/asn1/a_d2i_fp.c
> $(OPENSSL_PATH)/crypto/asn1/a_digest.c
> @@ -54,6 +57,7 @@
> $(OPENSSL_PATH)/crypto/asn1/ameth_lib.c
> $(OPENSSL_PATH)/crypto/asn1/asn1_err.c
> $(OPENSSL_PATH)/crypto/asn1/asn1_gen.c
> + $(OPENSSL_PATH)/crypto/asn1/asn1_item_list.c
> $(OPENSSL_PATH)/crypto/asn1/asn1_lib.c
> $(OPENSSL_PATH)/crypto/asn1/asn1_par.c
> $(OPENSSL_PATH)/crypto/asn1/asn_mime.c
> @@ -172,6 +176,7 @@
> $(OPENSSL_PATH)/crypto/conf/conf_ssl.c
> $(OPENSSL_PATH)/crypto/cpt_err.c
> $(OPENSSL_PATH)/crypto/cryptlib.c
> + $(OPENSSL_PATH)/crypto/ctype.c
> $(OPENSSL_PATH)/crypto/cversion.c
> $(OPENSSL_PATH)/crypto/des/cbc_cksm.c
> $(OPENSSL_PATH)/crypto/des/cbc_enc.c
> @@ -189,7 +194,6 @@
> $(OPENSSL_PATH)/crypto/des/pcbc_enc.c
> $(OPENSSL_PATH)/crypto/des/qud_cksm.c
> $(OPENSSL_PATH)/crypto/des/rand_key.c
> - $(OPENSSL_PATH)/crypto/des/rpc_enc.c
> $(OPENSSL_PATH)/crypto/des/set_key.c
> $(OPENSSL_PATH)/crypto/des/str2key.c
> $(OPENSSL_PATH)/crypto/des/xcbc_enc.c
> @@ -206,6 +210,7 @@
> $(OPENSSL_PATH)/crypto/dh/dh_pmeth.c
> $(OPENSSL_PATH)/crypto/dh/dh_prn.c
> $(OPENSSL_PATH)/crypto/dh/dh_rfc5114.c
> + $(OPENSSL_PATH)/crypto/dh/dh_rfc7919.c
> $(OPENSSL_PATH)/crypto/dso/dso_dl.c
> $(OPENSSL_PATH)/crypto/dso/dso_dlfcn.c
> $(OPENSSL_PATH)/crypto/dso/dso_err.c
> @@ -228,6 +233,7 @@
> $(OPENSSL_PATH)/crypto/evp/e_aes.c
> $(OPENSSL_PATH)/crypto/evp/e_aes_cbc_hmac_sha1.c
> $(OPENSSL_PATH)/crypto/evp/e_aes_cbc_hmac_sha256.c
> + $(OPENSSL_PATH)/crypto/evp/e_aria.c
> $(OPENSSL_PATH)/crypto/evp/e_bf.c
> $(OPENSSL_PATH)/crypto/evp/e_camellia.c
> $(OPENSSL_PATH)/crypto/evp/e_cast.c
> @@ -242,6 +248,7 @@
> $(OPENSSL_PATH)/crypto/evp/e_rc4_hmac_md5.c
> $(OPENSSL_PATH)/crypto/evp/e_rc5.c
> $(OPENSSL_PATH)/crypto/evp/e_seed.c
> + $(OPENSSL_PATH)/crypto/evp/e_sm4.c
> $(OPENSSL_PATH)/crypto/evp/e_xcbc_d.c
> $(OPENSSL_PATH)/crypto/evp/encode.c
> $(OPENSSL_PATH)/crypto/evp/evp_cnf.c
> @@ -259,6 +266,7 @@
> $(OPENSSL_PATH)/crypto/evp/m_null.c
> $(OPENSSL_PATH)/crypto/evp/m_ripemd.c
> $(OPENSSL_PATH)/crypto/evp/m_sha1.c
> + $(OPENSSL_PATH)/crypto/evp/m_sha3.c
> $(OPENSSL_PATH)/crypto/evp/m_sigver.c
> $(OPENSSL_PATH)/crypto/evp/m_wp.c
> $(OPENSSL_PATH)/crypto/evp/names.c
> @@ -271,10 +279,10 @@
> $(OPENSSL_PATH)/crypto/evp/p_seal.c
> $(OPENSSL_PATH)/crypto/evp/p_sign.c
> $(OPENSSL_PATH)/crypto/evp/p_verify.c
> + $(OPENSSL_PATH)/crypto/evp/pbe_scrypt.c
> $(OPENSSL_PATH)/crypto/evp/pmeth_fn.c
> $(OPENSSL_PATH)/crypto/evp/pmeth_gn.c
> $(OPENSSL_PATH)/crypto/evp/pmeth_lib.c
> - $(OPENSSL_PATH)/crypto/evp/scrypt.c
> $(OPENSSL_PATH)/crypto/ex_data.c
> $(OPENSSL_PATH)/crypto/getenv.c
> $(OPENSSL_PATH)/crypto/hmac/hm_ameth.c
> @@ -283,6 +291,7 @@
> $(OPENSSL_PATH)/crypto/init.c
> $(OPENSSL_PATH)/crypto/kdf/hkdf.c
> $(OPENSSL_PATH)/crypto/kdf/kdf_err.c
> + $(OPENSSL_PATH)/crypto/kdf/scrypt.c
> $(OPENSSL_PATH)/crypto/kdf/tls1_prf.c
> $(OPENSSL_PATH)/crypto/lhash/lh_stats.c
> $(OPENSSL_PATH)/crypto/lhash/lhash.c
> @@ -360,14 +369,14 @@
> $(OPENSSL_PATH)/crypto/pkcs7/pk7_mime.c
> $(OPENSSL_PATH)/crypto/pkcs7/pk7_smime.c
> $(OPENSSL_PATH)/crypto/pkcs7/pkcs7err.c
> - $(OPENSSL_PATH)/crypto/rand/md_rand.c
> + $(OPENSSL_PATH)/crypto/rand/drbg_ctr.c
> + $(OPENSSL_PATH)/crypto/rand/drbg_lib.c
> $(OPENSSL_PATH)/crypto/rand/rand_egd.c
> $(OPENSSL_PATH)/crypto/rand/rand_err.c
> $(OPENSSL_PATH)/crypto/rand/rand_lib.c
> $(OPENSSL_PATH)/crypto/rand/rand_unix.c
> $(OPENSSL_PATH)/crypto/rand/rand_vms.c
> $(OPENSSL_PATH)/crypto/rand/rand_win.c
> - $(OPENSSL_PATH)/crypto/rand/randfile.c
> $(OPENSSL_PATH)/crypto/rc4/rc4_enc.c
> $(OPENSSL_PATH)/crypto/rc4/rc4_skey.c
> $(OPENSSL_PATH)/crypto/rsa/rsa_ameth.c
> @@ -379,8 +388,8 @@
> $(OPENSSL_PATH)/crypto/rsa/rsa_gen.c
> $(OPENSSL_PATH)/crypto/rsa/rsa_lib.c
> $(OPENSSL_PATH)/crypto/rsa/rsa_meth.c
> + $(OPENSSL_PATH)/crypto/rsa/rsa_mp.c
> $(OPENSSL_PATH)/crypto/rsa/rsa_none.c
> - $(OPENSSL_PATH)/crypto/rsa/rsa_null.c
> $(OPENSSL_PATH)/crypto/rsa/rsa_oaep.c
> $(OPENSSL_PATH)/crypto/rsa/rsa_ossl.c
> $(OPENSSL_PATH)/crypto/rsa/rsa_pk1.c
> @@ -392,15 +401,27 @@
> $(OPENSSL_PATH)/crypto/rsa/rsa_ssl.c
> $(OPENSSL_PATH)/crypto/rsa/rsa_x931.c
> $(OPENSSL_PATH)/crypto/rsa/rsa_x931g.c
> + $(OPENSSL_PATH)/crypto/sha/keccak1600.c
> $(OPENSSL_PATH)/crypto/sha/sha1_one.c
> $(OPENSSL_PATH)/crypto/sha/sha1dgst.c
> $(OPENSSL_PATH)/crypto/sha/sha256.c
> $(OPENSSL_PATH)/crypto/sha/sha512.c
> + $(OPENSSL_PATH)/crypto/siphash/siphash.c
> + $(OPENSSL_PATH)/crypto/siphash/siphash_ameth.c
> + $(OPENSSL_PATH)/crypto/siphash/siphash_pmeth.c
> + $(OPENSSL_PATH)/crypto/sm3/m_sm3.c
> + $(OPENSSL_PATH)/crypto/sm3/sm3.c
> + $(OPENSSL_PATH)/crypto/sm4/sm4.c
> $(OPENSSL_PATH)/crypto/stack/stack.c
> $(OPENSSL_PATH)/crypto/threads_none.c
> $(OPENSSL_PATH)/crypto/threads_pthread.c
> $(OPENSSL_PATH)/crypto/threads_win.c
> $(OPENSSL_PATH)/crypto/txt_db/txt_db.c
> + $(OPENSSL_PATH)/crypto/ui/ui_err.c
> + $(OPENSSL_PATH)/crypto/ui/ui_lib.c
> + $(OPENSSL_PATH)/crypto/ui/ui_null.c
> + $(OPENSSL_PATH)/crypto/ui/ui_openssl.c
> + $(OPENSSL_PATH)/crypto/ui/ui_util.c
> $(OPENSSL_PATH)/crypto/uid.c
> $(OPENSSL_PATH)/crypto/x509/by_dir.c
> $(OPENSSL_PATH)/crypto/x509/by_file.c
> @@ -445,6 +466,7 @@
> $(OPENSSL_PATH)/crypto/x509v3/pcy_node.c
> $(OPENSSL_PATH)/crypto/x509v3/pcy_tree.c
> $(OPENSSL_PATH)/crypto/x509v3/v3_addr.c
> + $(OPENSSL_PATH)/crypto/x509v3/v3_admis.c
> $(OPENSSL_PATH)/crypto/x509v3/v3_akey.c
> $(OPENSSL_PATH)/crypto/x509v3/v3_akeya.c
> $(OPENSSL_PATH)/crypto/x509v3/v3_alt.c
> @@ -479,12 +501,14 @@
> $(OPENSSL_PATH)/ssl/d1_msg.c
> $(OPENSSL_PATH)/ssl/d1_srtp.c
> $(OPENSSL_PATH)/ssl/methods.c
> + $(OPENSSL_PATH)/ssl/packet.c
> $(OPENSSL_PATH)/ssl/pqueue.c
> $(OPENSSL_PATH)/ssl/record/dtls1_bitmap.c
> $(OPENSSL_PATH)/ssl/record/rec_layer_d1.c
> $(OPENSSL_PATH)/ssl/record/rec_layer_s3.c
> $(OPENSSL_PATH)/ssl/record/ssl3_buffer.c
> $(OPENSSL_PATH)/ssl/record/ssl3_record.c
> + $(OPENSSL_PATH)/ssl/record/ssl3_record_tls13.c
> $(OPENSSL_PATH)/ssl/s3_cbc.c
> $(OPENSSL_PATH)/ssl/s3_enc.c
> $(OPENSSL_PATH)/ssl/s3_lib.c
> @@ -502,16 +526,19 @@
> $(OPENSSL_PATH)/ssl/ssl_stat.c
> $(OPENSSL_PATH)/ssl/ssl_txt.c
> $(OPENSSL_PATH)/ssl/ssl_utst.c
> + $(OPENSSL_PATH)/ssl/statem/extensions.c
> + $(OPENSSL_PATH)/ssl/statem/extensions_clnt.c
> + $(OPENSSL_PATH)/ssl/statem/extensions_cust.c
> + $(OPENSSL_PATH)/ssl/statem/extensions_srvr.c
> $(OPENSSL_PATH)/ssl/statem/statem.c
> $(OPENSSL_PATH)/ssl/statem/statem_clnt.c
> $(OPENSSL_PATH)/ssl/statem/statem_dtls.c
> $(OPENSSL_PATH)/ssl/statem/statem_lib.c
> $(OPENSSL_PATH)/ssl/statem/statem_srvr.c
> $(OPENSSL_PATH)/ssl/t1_enc.c
> - $(OPENSSL_PATH)/ssl/t1_ext.c
> $(OPENSSL_PATH)/ssl/t1_lib.c
> - $(OPENSSL_PATH)/ssl/t1_reneg.c
> $(OPENSSL_PATH)/ssl/t1_trce.c
> + $(OPENSSL_PATH)/ssl/tls13_enc.c
> $(OPENSSL_PATH)/ssl/tls_srp.c
> # Autogenerated files list ends here
>
> @@ -521,6 +548,7 @@
>
> [LibraryClasses]
> DebugLib
> + TimerLib
>
> [LibraryClasses.ARM]
> ArmSoftFloatLib
(4) If you agree with my request under (1), then a TimerLib dependency
should not be added to [LibraryClasses], in either INF file.
> diff --git a/CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf b/CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf
> index fd12d11..1362a46 100644
> --- a/CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf
> +++ b/CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf
> @@ -15,13 +15,15 @@
> VERSION_STRING = 1.0
> LIBRARY_CLASS = OpensslLib
> DEFINE OPENSSL_PATH = openssl
> - DEFINE OPENSSL_FLAGS = -DL_ENDIAN -DOPENSSL_SMALL_FOOTPRINT -D_CRT_SECURE_NO_DEPRECATE -D_CRT_NONSTDC_NO_DEPRECATE -DNO_SYSLOG
> + DEFINE OPENSSL_FLAGS = -DL_ENDIAN -DOPENSSL_SMALL_FOOTPRINT -D_CRT_SECURE_NO_DEPRECATE -D_CRT_NONSTDC_NO_DEPRECATE
>
> #
> # VALID_ARCHITECTURES = IA32 X64 ARM AARCH64
> #
>
> [Sources]
> + ossl_store.c
> + rand_pool.c
> $(OPENSSL_PATH)/e_os.h
> # Autogenerated files list starts here
> $(OPENSSL_PATH)/crypto/aes/aes_cbc.c
> @@ -32,6 +34,7 @@
> $(OPENSSL_PATH)/crypto/aes/aes_misc.c
> $(OPENSSL_PATH)/crypto/aes/aes_ofb.c
> $(OPENSSL_PATH)/crypto/aes/aes_wrap.c
> + $(OPENSSL_PATH)/crypto/aria/aria.c
> $(OPENSSL_PATH)/crypto/asn1/a_bitstr.c
> $(OPENSSL_PATH)/crypto/asn1/a_d2i_fp.c
> $(OPENSSL_PATH)/crypto/asn1/a_digest.c
> @@ -54,6 +57,7 @@
> $(OPENSSL_PATH)/crypto/asn1/ameth_lib.c
> $(OPENSSL_PATH)/crypto/asn1/asn1_err.c
> $(OPENSSL_PATH)/crypto/asn1/asn1_gen.c
> + $(OPENSSL_PATH)/crypto/asn1/asn1_item_list.c
> $(OPENSSL_PATH)/crypto/asn1/asn1_lib.c
> $(OPENSSL_PATH)/crypto/asn1/asn1_par.c
> $(OPENSSL_PATH)/crypto/asn1/asn_mime.c
> @@ -172,6 +176,7 @@
> $(OPENSSL_PATH)/crypto/conf/conf_ssl.c
> $(OPENSSL_PATH)/crypto/cpt_err.c
> $(OPENSSL_PATH)/crypto/cryptlib.c
> + $(OPENSSL_PATH)/crypto/ctype.c
> $(OPENSSL_PATH)/crypto/cversion.c
> $(OPENSSL_PATH)/crypto/des/cbc_cksm.c
> $(OPENSSL_PATH)/crypto/des/cbc_enc.c
> @@ -189,7 +194,6 @@
> $(OPENSSL_PATH)/crypto/des/pcbc_enc.c
> $(OPENSSL_PATH)/crypto/des/qud_cksm.c
> $(OPENSSL_PATH)/crypto/des/rand_key.c
> - $(OPENSSL_PATH)/crypto/des/rpc_enc.c
> $(OPENSSL_PATH)/crypto/des/set_key.c
> $(OPENSSL_PATH)/crypto/des/str2key.c
> $(OPENSSL_PATH)/crypto/des/xcbc_enc.c
> @@ -206,6 +210,7 @@
> $(OPENSSL_PATH)/crypto/dh/dh_pmeth.c
> $(OPENSSL_PATH)/crypto/dh/dh_prn.c
> $(OPENSSL_PATH)/crypto/dh/dh_rfc5114.c
> + $(OPENSSL_PATH)/crypto/dh/dh_rfc7919.c
> $(OPENSSL_PATH)/crypto/dso/dso_dl.c
> $(OPENSSL_PATH)/crypto/dso/dso_dlfcn.c
> $(OPENSSL_PATH)/crypto/dso/dso_err.c
> @@ -228,6 +233,7 @@
> $(OPENSSL_PATH)/crypto/evp/e_aes.c
> $(OPENSSL_PATH)/crypto/evp/e_aes_cbc_hmac_sha1.c
> $(OPENSSL_PATH)/crypto/evp/e_aes_cbc_hmac_sha256.c
> + $(OPENSSL_PATH)/crypto/evp/e_aria.c
> $(OPENSSL_PATH)/crypto/evp/e_bf.c
> $(OPENSSL_PATH)/crypto/evp/e_camellia.c
> $(OPENSSL_PATH)/crypto/evp/e_cast.c
> @@ -242,6 +248,7 @@
> $(OPENSSL_PATH)/crypto/evp/e_rc4_hmac_md5.c
> $(OPENSSL_PATH)/crypto/evp/e_rc5.c
> $(OPENSSL_PATH)/crypto/evp/e_seed.c
> + $(OPENSSL_PATH)/crypto/evp/e_sm4.c
> $(OPENSSL_PATH)/crypto/evp/e_xcbc_d.c
> $(OPENSSL_PATH)/crypto/evp/encode.c
> $(OPENSSL_PATH)/crypto/evp/evp_cnf.c
> @@ -259,6 +266,7 @@
> $(OPENSSL_PATH)/crypto/evp/m_null.c
> $(OPENSSL_PATH)/crypto/evp/m_ripemd.c
> $(OPENSSL_PATH)/crypto/evp/m_sha1.c
> + $(OPENSSL_PATH)/crypto/evp/m_sha3.c
> $(OPENSSL_PATH)/crypto/evp/m_sigver.c
> $(OPENSSL_PATH)/crypto/evp/m_wp.c
> $(OPENSSL_PATH)/crypto/evp/names.c
> @@ -271,10 +279,10 @@
> $(OPENSSL_PATH)/crypto/evp/p_seal.c
> $(OPENSSL_PATH)/crypto/evp/p_sign.c
> $(OPENSSL_PATH)/crypto/evp/p_verify.c
> + $(OPENSSL_PATH)/crypto/evp/pbe_scrypt.c
> $(OPENSSL_PATH)/crypto/evp/pmeth_fn.c
> $(OPENSSL_PATH)/crypto/evp/pmeth_gn.c
> $(OPENSSL_PATH)/crypto/evp/pmeth_lib.c
> - $(OPENSSL_PATH)/crypto/evp/scrypt.c
> $(OPENSSL_PATH)/crypto/ex_data.c
> $(OPENSSL_PATH)/crypto/getenv.c
> $(OPENSSL_PATH)/crypto/hmac/hm_ameth.c
> @@ -283,6 +291,7 @@
> $(OPENSSL_PATH)/crypto/init.c
> $(OPENSSL_PATH)/crypto/kdf/hkdf.c
> $(OPENSSL_PATH)/crypto/kdf/kdf_err.c
> + $(OPENSSL_PATH)/crypto/kdf/scrypt.c
> $(OPENSSL_PATH)/crypto/kdf/tls1_prf.c
> $(OPENSSL_PATH)/crypto/lhash/lh_stats.c
> $(OPENSSL_PATH)/crypto/lhash/lhash.c
> @@ -360,14 +369,14 @@
> $(OPENSSL_PATH)/crypto/pkcs7/pk7_mime.c
> $(OPENSSL_PATH)/crypto/pkcs7/pk7_smime.c
> $(OPENSSL_PATH)/crypto/pkcs7/pkcs7err.c
> - $(OPENSSL_PATH)/crypto/rand/md_rand.c
> + $(OPENSSL_PATH)/crypto/rand/drbg_ctr.c
> + $(OPENSSL_PATH)/crypto/rand/drbg_lib.c
> $(OPENSSL_PATH)/crypto/rand/rand_egd.c
> $(OPENSSL_PATH)/crypto/rand/rand_err.c
> $(OPENSSL_PATH)/crypto/rand/rand_lib.c
> $(OPENSSL_PATH)/crypto/rand/rand_unix.c
> $(OPENSSL_PATH)/crypto/rand/rand_vms.c
> $(OPENSSL_PATH)/crypto/rand/rand_win.c
> - $(OPENSSL_PATH)/crypto/rand/randfile.c
> $(OPENSSL_PATH)/crypto/rc4/rc4_enc.c
> $(OPENSSL_PATH)/crypto/rc4/rc4_skey.c
> $(OPENSSL_PATH)/crypto/rsa/rsa_ameth.c
> @@ -379,8 +388,8 @@
> $(OPENSSL_PATH)/crypto/rsa/rsa_gen.c
> $(OPENSSL_PATH)/crypto/rsa/rsa_lib.c
> $(OPENSSL_PATH)/crypto/rsa/rsa_meth.c
> + $(OPENSSL_PATH)/crypto/rsa/rsa_mp.c
> $(OPENSSL_PATH)/crypto/rsa/rsa_none.c
> - $(OPENSSL_PATH)/crypto/rsa/rsa_null.c
> $(OPENSSL_PATH)/crypto/rsa/rsa_oaep.c
> $(OPENSSL_PATH)/crypto/rsa/rsa_ossl.c
> $(OPENSSL_PATH)/crypto/rsa/rsa_pk1.c
> @@ -392,15 +401,27 @@
> $(OPENSSL_PATH)/crypto/rsa/rsa_ssl.c
> $(OPENSSL_PATH)/crypto/rsa/rsa_x931.c
> $(OPENSSL_PATH)/crypto/rsa/rsa_x931g.c
> + $(OPENSSL_PATH)/crypto/sha/keccak1600.c
> $(OPENSSL_PATH)/crypto/sha/sha1_one.c
> $(OPENSSL_PATH)/crypto/sha/sha1dgst.c
> $(OPENSSL_PATH)/crypto/sha/sha256.c
> $(OPENSSL_PATH)/crypto/sha/sha512.c
> + $(OPENSSL_PATH)/crypto/siphash/siphash.c
> + $(OPENSSL_PATH)/crypto/siphash/siphash_ameth.c
> + $(OPENSSL_PATH)/crypto/siphash/siphash_pmeth.c
> + $(OPENSSL_PATH)/crypto/sm3/m_sm3.c
> + $(OPENSSL_PATH)/crypto/sm3/sm3.c
> + $(OPENSSL_PATH)/crypto/sm4/sm4.c
> $(OPENSSL_PATH)/crypto/stack/stack.c
> $(OPENSSL_PATH)/crypto/threads_none.c
> $(OPENSSL_PATH)/crypto/threads_pthread.c
> $(OPENSSL_PATH)/crypto/threads_win.c
> $(OPENSSL_PATH)/crypto/txt_db/txt_db.c
> + $(OPENSSL_PATH)/crypto/ui/ui_err.c
> + $(OPENSSL_PATH)/crypto/ui/ui_lib.c
> + $(OPENSSL_PATH)/crypto/ui/ui_null.c
> + $(OPENSSL_PATH)/crypto/ui/ui_openssl.c
> + $(OPENSSL_PATH)/crypto/ui/ui_util.c
> $(OPENSSL_PATH)/crypto/uid.c
> $(OPENSSL_PATH)/crypto/x509/by_dir.c
> $(OPENSSL_PATH)/crypto/x509/by_file.c
> @@ -445,6 +466,7 @@
> $(OPENSSL_PATH)/crypto/x509v3/pcy_node.c
> $(OPENSSL_PATH)/crypto/x509v3/pcy_tree.c
> $(OPENSSL_PATH)/crypto/x509v3/v3_addr.c
> + $(OPENSSL_PATH)/crypto/x509v3/v3_admis.c
> $(OPENSSL_PATH)/crypto/x509v3/v3_akey.c
> $(OPENSSL_PATH)/crypto/x509v3/v3_akeya.c
> $(OPENSSL_PATH)/crypto/x509v3/v3_alt.c
> @@ -482,6 +504,7 @@
>
> [LibraryClasses]
> DebugLib
> + TimerLib
>
> [LibraryClasses.ARM]
> ArmSoftFloatLib
> diff --git a/CryptoPkg/Library/OpensslLib/buildinf.h b/CryptoPkg/Library/OpensslLib/buildinf.h
> index c5ca293..5b3b50b 100644
> --- a/CryptoPkg/Library/OpensslLib/buildinf.h
> +++ b/CryptoPkg/Library/OpensslLib/buildinf.h
> @@ -1,2 +1,4 @@
> #define PLATFORM "UEFI"
> #define DATE "Fri Dec 22 01:23:45 PDT 2017"
> +
> +const char * compiler_flags = "";
(5) I suggest the following string literal here, instead:
"compiler: information not available from edk2"
Thank you,
Laszlo
> diff --git a/CryptoPkg/Library/OpensslLib/openssl b/CryptoPkg/Library/OpensslLib/openssl
> index 74f2d9c..50eaac9 160000
> --- a/CryptoPkg/Library/OpensslLib/openssl
> +++ b/CryptoPkg/Library/OpensslLib/openssl
> @@ -1 +1 @@
> -Subproject commit 74f2d9c1ec5f5510e1d3da5a9f03c28df0977762
> +Subproject commit 50eaac9f3337667259de725451f201e784599687
> diff --git a/CryptoPkg/Library/OpensslLib/ossl_store.c b/CryptoPkg/Library/OpensslLib/ossl_store.c
> new file mode 100644
> index 0000000..29e1506
> --- /dev/null
> +++ b/CryptoPkg/Library/OpensslLib/ossl_store.c
> @@ -0,0 +1,17 @@
> +/** @file
> + Dummy implement ossl_store(Store retrieval functions) for UEFI.
> +
> +Copyright (c) 2019, Intel Corporation. All rights reserved.<BR>
> +SPDX-License-Identifier: BSD-2-Clause-Patent
> +
> +**/
> +
> +/*
> + * This function is cleanup ossl store.
> + *
> + * Dummy Implement for UEFI
> + */
> +void ossl_store_cleanup_int(void)
> +{
> +}
> +
> diff --git a/CryptoPkg/Library/OpensslLib/rand_pool.c b/CryptoPkg/Library/OpensslLib/rand_pool.c
> new file mode 100644
> index 0000000..c7cdeb0
> --- /dev/null
> +++ b/CryptoPkg/Library/OpensslLib/rand_pool.c
> @@ -0,0 +1,292 @@
> +/** @file
> + OpenSSL_1_1_1b doesn't implement rand_pool_* functions for UEFI.
> + The file implement these functions.
> +
> +Copyright (c) 2019, Intel Corporation. All rights reserved.<BR>
> +SPDX-License-Identifier: BSD-2-Clause-Patent
> +
> +**/
> +
> +#include "internal/rand_int.h"
> +#include <openssl/aes.h>
> +#include <Uefi.h>
> +#include <Library/TimerLib.h>
> +
> +/**
> + Get some randomness from low-order bits of GetPerformanceCounter results.
> + And combine them to the 64-bit value
> +
> + @param[out] Rand Buffer pointer to store the 64-bit random value.
> +
> + @retval TRUE Random number generated successfully.
> + @retval FALSE Failed to generate.
> +**/
> +STATIC
> +BOOLEAN
> +EFIAPI
> +GetRandomSourceFromPerformanceCounter(
> + OUT UINT64 *Rand
> + )
> +{
> + UINT32 Index;
> + UINT32 *RandPtr;
> + RandPtr = (UINT32 *)Rand;
> +
> + if (Rand == NULL) {
> + return FALSE;
> + }
> +
> + for (Index = 0; Index < 2; Index ++) {
> + *RandPtr = (UINT32)(GetPerformanceCounter() & 0xFF);
> + MicroSecondDelay(10);
> + RandPtr++;
> + }
> +
> + return TRUE;
> +}
> +
> +/**
> + Calls GetRandomSourceFromPerformanceCounter to fill
> + a buffer of arbitrary size with random bytes.
> +
> + @param[in] Length Size of the buffer, in bytes, to fill with.
> + @param[out] RandBuffer Pointer to the buffer to store the random result.
> +
> + @retval EFI_SUCCESS Random bytes generation succeeded.
> + @retval EFI_NOT_READY Failed to request random bytes.
> +
> +**/
> +STATIC
> +BOOLEAN
> +EFIAPI
> +RandGetBytes (
> + IN UINTN Length,
> + OUT UINT8 *RandBuffer
> + )
> +{
> + BOOLEAN Ret;
> + UINT64 TempRand;
> +
> + Ret = FALSE;
> +
> + while (Length > 0) {
> + Ret = GetRandomSourceFromPerformanceCounter (&TempRand);
> + if (!Ret) {
> + return Ret;
> + }
> + if (Length >= sizeof (TempRand)) {
> + *((UINT64*)RandBuffer) = TempRand;
> + RandBuffer += sizeof (UINT64);
> + Length -= sizeof (TempRand);
> + } else {
> + CopyMem (RandBuffer, &TempRand, Length);
> + Length = 0;
> + }
> + }
> +
> + return Ret;
> +}
> +
> +/**
> + Creates a 128bit random value that is fully forward and backward prediction resistant,
> + suitable for seeding a NIST SP800-90 Compliant.
> + This function takes multiple random numbers from PerformanceCounter to ensure reseeding
> + and performs AES-CBC-MAC over the data to compute the seed value.
> +
> + @param[out] SeedBuffer Pointer to a 128bit buffer to store the random seed.
> +
> + @retval TRUE Random seed generation succeeded.
> + @retval FALSE Failed to request random bytes.
> +
> +**/
> +STATIC
> +BOOLEAN
> +EFIAPI
> +RandGetSeed128 (
> + OUT UINT8 *SeedBuffer
> + )
> +{
> + BOOLEAN Ret;
> + UINT8 RandByte[16];
> + UINT8 Key[16];
> + UINT8 Ffv[16];
> + UINT8 Xored[16];
> + UINT32 Index;
> + UINT32 Index2;
> + AES_KEY AESKey;
> +
> + //
> + // Chose an arbitary key and zero the feed_forward_value (FFV)
> + //
> + for (Index = 0; Index < 16; Index++) {
> + Key[Index] = (UINT8) Index;
> + Ffv[Index] = 0;
> + }
> +
> + AES_set_encrypt_key(Key, 16 * 8, &AESKey);
> +
> + //
> + // Perform CBC_MAC over 32 * 128 bit values, with 10us gaps between 128 bit value
> + // The 10us gaps will ensure multiple reseeds within the system time with a large
> + // design margin.
> + //
> + for (Index = 0; Index < 32; Index++) {
> + MicroSecondDelay (10);
> + Ret = RandGetBytes (16, RandByte);
> + if (!Ret) {
> + return Ret;
> + }
> +
> + //
> + // Perform XOR operations on two 128-bit value.
> + //
> + for (Index2 = 0; Index2 < 16; Index2++) {
> + Xored[Index2] = RandByte[Index2] ^ Ffv[Index2];
> + }
> +
> + AES_encrypt(Xored, Ffv, &AESKey);
> + }
> +
> + for (Index = 0; Index < 16; Index++) {
> + SeedBuffer[Index] = Ffv[Index];
> + }
> +
> + return Ret;
> +}
> +
> +/**
> + Generate high-quality entropy source.
> +
> + @param[in] Length Size of the buffer, in bytes, to fill with.
> + @param[out] Entropy Pointer to the buffer to store the entropy data.
> +
> + @retval EFI_SUCCESS Entropy generation succeeded.
> + @retval EFI_NOT_READY Failed to request random data.
> +
> +**/
> +STATIC
> +BOOLEAN
> +EFIAPI
> +RandGenerateEntropy (
> + IN UINTN Length,
> + OUT UINT8 *Entropy
> + )
> +{
> + BOOLEAN Ret;
> + UINTN BlockCount;
> + UINT8 Seed[16];
> + UINT8 *Ptr;
> +
> + BlockCount = Length / 16;
> + Ptr = (UINT8 *)Entropy;
> +
> + //
> + // Generate high-quality seed for DRBG Entropy
> + //
> + while (BlockCount > 0) {
> + Ret = RandGetSeed128 (Seed);
> + if (!Ret) {
> + return Ret;
> + }
> + CopyMem (Ptr, Seed, 16);
> +
> + BlockCount--;
> + Ptr = Ptr + 16;
> + }
> +
> + //
> + // Populate the remained data as request.
> + //
> + Ret = RandGetSeed128 (Seed);
> + if (!Ret) {
> + return Ret;
> + }
> + CopyMem (Ptr, Seed, (Length % 16));
> +
> + return Ret;
> +}
> +
> +
> +/*
> + * Add random bytes to the pool to acquire requested amount of entropy
> + *
> + * This function is platform specific and tries to acquire the requested
> + * amount of entropy by polling platform specific entropy sources.
> + */
> +size_t rand_pool_acquire_entropy(RAND_POOL *pool)
> +{
> + EFI_STATUS Status;
> + size_t bytes_needed;
> + unsigned char * buffer;
> +
> + bytes_needed = rand_pool_bytes_needed(pool, 1 /*entropy_factor*/);
> + if (bytes_needed > 0) {
> + buffer = rand_pool_add_begin(pool, bytes_needed);
> +
> + if (buffer != NULL) {
> + Status = RandGenerateEntropy(bytes_needed, buffer);
> + if (EFI_ERROR (Status)) {
> + rand_pool_add_end(pool, 0, 0);
> + } else {
> + rand_pool_add_end(pool, bytes_needed, 8 * bytes_needed);
> + }
> + }
> + }
> +
> + return rand_pool_entropy_available(pool);
> +}
> +
> +/*
> + * Implementation for UEFI
> + */
> +int rand_pool_add_nonce_data(RAND_POOL *pool)
> +{
> + struct {
> + UINT64 Rand;
> + UINT64 TimerValue;
> + } data = { 0 };
> +
> + RandGetBytes(8, (UINT8 *)&(data.Rand));
> + data.TimerValue = GetPerformanceCounter();
> +
> + return rand_pool_add(pool, (unsigned char*)&data, sizeof(data), 0);
> +}
> +
> +/*
> + * Implementation for UEFI
> + */
> +int rand_pool_add_additional_data(RAND_POOL *pool)
> +{
> + struct {
> + UINT64 Rand;
> + UINT64 TimerValue;
> + } data = { 0 };
> +
> + RandGetBytes(8, (UINT8 *)&(data.Rand));
> + data.TimerValue = GetPerformanceCounter();
> +
> + return rand_pool_add(pool, (unsigned char*)&data, sizeof(data), 0);
> +}
> +
> +/*
> + * Dummy Implememtation for UEFI
> + */
> +int rand_pool_init(void)
> +{
> + return 1;
> +}
> +
> +/*
> + * Dummy Implememtation for UEFI
> + */
> +void rand_pool_cleanup(void)
> +{
> +}
> +
> +/*
> + * Dummy Implememtation for UEFI
> + */
> +void rand_pool_keep_random_devices_open(int keep)
> +{
> +}
> +
>
-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#40369): https://edk2.groups.io/g/devel/message/40369
Mute This Topic: https://groups.io/mt/31552212/1813853
Group Owner: devel+owner at edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [edk2-devel-archive at redhat.com]
-=-=-=-=-=-=-=-=-=-=-=-
More information about the edk2-devel-archive
mailing list